hub / github.com/XTLS/REALITY / sendServerFinished

Method sendServerFinished

handshake_server_tls13.go:1004–1054  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

1002}
1003
// sendServerFinished writes the server Finished message, derives the
// application traffic secrets and installs the server one for outbound
// records. When no client certificate is requested it also sends session
// tickets.
//
// Statement order is significant. The Finished verify data is computed from
// the transcript before the message is written. The master secret and both
// application traffic secrets are derived only afterwards, so that (per the
// comment kept below) they take context through the server Finished.
//
// It returns the first error from writing the handshake record, writing the
// key log, or sending session tickets, and nil otherwise.
func (hs *serverHandshakeStateTLS13) sendServerFinished() error {
	c := hs.c

	// The verify data is keyed with the current outbound traffic secret and
	// covers the transcript as it stands before Finished is written.
	verifyData := hs.suite.finishedHash(c.out.trafficSecret, hs.transcript)
	// writeHandshakeRecord is also passed the transcript — presumably to fold
	// the Finished message into it; confirm against its definition.
	if _, err := c.writeHandshakeRecord(&finishedMsg{verifyData: verifyData}, hs.transcript); err != nil {
		return err
	}

	// Derive secrets that take context through the server Finished.
	hs.masterSecret = hs.handshakeSecret.MasterSecret()
	hs.trafficSecret = hs.masterSecret.ClientApplicationTrafficSecret(hs.transcript)
	serverAppSecret := hs.masterSecret.ServerApplicationTrafficSecret(hs.transcript)

	// Outbound records use the server application secret from this point on.
	c.out.setTrafficSecret(hs.suite, QUICEncryptionLevelApplication, serverAppSecret)

	if c.quic != nil {
		if c.hand.Len() != 0 {
			// TODO: Handle this in setTrafficSecret?
			// NOTE(review): sendAlert's result is discarded and execution
			// continues to install the QUIC write secret even though
			// handshake bytes are still buffered — confirm that continuing
			// after the alert is intended.
			c.sendAlert(alertUnexpectedMessage)
		}
		c.quicSetWriteSecret(QUICEncryptionLevelApplication, hs.suite.id, serverAppSecret)
	}

	// Both application traffic secrets are handed to the key log, keyed by
	// the ClientHello random. Anyone able to read that log can decrypt the
	// session's traffic, so key logging belongs in debugging setups only.
	// NOTE(review): presumably a no-op when no key-log writer is configured
	// (as with Config.KeyLogWriter in crypto/tls) — confirm in writeKeyLog.
	if err := c.config.writeKeyLog(keyLogLabelClientTraffic, hs.clientHello.random, hs.trafficSecret); err != nil {
		c.sendAlert(alertInternalError)
		return err
	}
	if err := c.config.writeKeyLog(keyLogLabelServerTraffic, hs.clientHello.random, serverAppSecret); err != nil {
		c.sendAlert(alertInternalError)
		return err
	}

	// Exporter state is bound to the master secret and the transcript as of
	// the server Finished.
	c.ekm = hs.suite.exportKeyingMaterial(hs.masterSecret, hs.transcript)

	// When client certificates were requested, tickets are not sent here.
	if hs.requestClientCert() {
		return nil
	}

	// If we did not request client certificates, at this point we can
	// precompute the client finished and roll the transcript forward to send
	// session tickets in our first flight.
	return hs.sendSessionTickets()
}
1055
1056func (hs *serverHandshakeStateTLS13) shouldSendSessionTickets() bool {
1057 if hs.c.config.SessionTicketsDisabled {

Callers 1

handshakeMethod · 0.95

Calls 12

requestClientCertMethod · 0.95
sendSessionTicketsMethod · 0.95
finishedHashMethod · 0.80
writeHandshakeRecordMethod · 0.80
MasterSecretMethod · 0.80
setTrafficSecretMethod · 0.80
sendAlertMethod · 0.80
quicSetWriteSecretMethod · 0.80
writeKeyLogMethod · 0.80
exportKeyingMaterialMethod · 0.80

Tested by

no test coverage detected